The CERT Resilience Management Model (CERT-RMM) is a collection of best practices for managing operational resilience. Organizations can use CERT-RMM to determine their current capabilities for managing operational resilience, identify capability gaps, and develop plans to close those gaps. The model contains 26 process areas, and goals and specific practices within each process area. Many of the CERT-RMM process areas are directly applicable to insider threats.
Asset definition and management:
What critical assets must the organization protect from authorized access misuse by insiders?
Organizational training and awareness:
How does the organization ensure its workforce understands the threats to its critical assets that insiders pose, and what are the responsibilities of individual employees to protect the organization’s critical assets from misuse?
Risk management:
What is the impact and likelihood of insider attacks based on the organization’s current capabilities, and how can the organization prioritize investments in reducing the impacts and likelihoods of certain attacks?
Access management:
How can the organization ensure that authorized access to its critical assets is granted only to those with a critical business need?
Monitoring:
How can the organization detect not only the harmful acts associated with insider misuse of authorized access, but the concerning behavior and activity that precede the harmful acts as well? Read More
iTM covers all aspects of cybersecurity from Home cyber security managed solutions to automated, manage threat intelligence, forensic investigations and cyber security training. Our objective is to support organisations and consumers at every step of their cyber maturity journey. Contact Us for more information.